<%@ page language="java" contentType="text/html; charset=GBK"
    pageEncoding="GBK"%>
<%
	
	String userName = "";
	String role ="";
	if(session.getAttribute("userName")!=null &&session.getAttribute("role")!=null) {
		userName =(String) session.getAttribute("userName");
		role=  (String)session.getAttribute("role");
		
	}
	if(role.compareTo("admin")!=0){
		response.sendRedirect("login.jsp");
		System.out.println("pageValidate.jsp not admin");	
	}
%>    
    
    
<jsp:directive.page import="db.DBHander"/>
<% DBHander dbh = new DBHander(); %>    
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head><link REL = "Shortcut Icon" href="http://127.0.0.1:8080/hx10/favicon.ico">
<meta http-equiv="Content-Type" content="text/html; charset=GBK">
<title>Insert title here</title>
</head>
<body>
<jsp:include flush="true" page="navigation.jsp"></jsp:include>

<h2>News Manager</h2>
<%
	String id = request.getParameter("id");
	if(id==null){
		id ="1";
	}
	String sql="select * from newses where id="+id;
	dbh.rs = dbh.stmt.executeQuery(sql);
	dbh.rs.next();
%>

<form action=newsUpdate.jsp method=get>	
	<table>	
		<tr><td colspan=2><%=dbh.rs.getString(1) %></td></tr>
		<tr>
			<td>title</td>
			<td><input type=text name=title value="<%=dbh.rs.getString(2) %>" /> </td>
		</tr>
		
		<tr>
			<td>content</td>
			<td><input type=text name=date value="<%=dbh.rs.getString(3) %>" /> </td>	
		</tr>

		<tr>
			<td>Content</td>
			<td><textarea name=content><%=dbh.rs.getString(4) %></textarea> </td>	
		</tr>		
		<tr><td colspan=2> 
			<input type=submit value=submit />
		</td></tr>
	</table>
	<input type=hidden name=newsid value=<%=dbh.rs.getString(1) %> />
</form>

<%
dbh.releaseAll();

%>
<br>
<% 
//----------------------
DBHander db1 = new DBHander(); %> 

<table border=1>
	<tr>
		<td>id</td>
		<td>title</td>
		<td>date</td>	
		<td>content</td>	
	</tr>	


<%
	String sql1="select * from newses order by id";
	db1.rs = db1.stmt.executeQuery(sql1);
	while(db1.rs.next()){
%>
	<tr>
		<td><a href="newsAdmin.jsp?id=<%=db1.rs.getString(1) %>" ><%=db1.rs.getString(1) %></a></td>
		<td><%=db1.rs.getString(2) %></td>
		<td><%=db1.rs.getString(3) %></td>
		<td><%=db1.rs.getString(4) %></td>		
	</tr>
<%
	}
	db1.releaseAll();	
%>

</table>

</body>

</html>